Name: Seamless Upgrades for Credential Security in Apache Tomcat - Christopher Schultz, Total Child Health
Start: 2016-05-13T11:20:00-0700
End: 2016-05-13T12:10:00-0700

Back To Schedule

Seamless Upgrades for Credential Security in Apache Tomcat - Christopher Schultz, Total Child Health

Clear-text credentials (user passwords) were never a good idea. Not only are both MD5 and SHA1 now dead, even more modern hashing algorithms aren't appropriate for credential storage in an era of hash-lookup sites. Some recent additions to Apache Tomcat have made it easier to use more secure credential-storage mechanisms along with container-managed security. They can even be used to seamlessly upgrade from older, less-secure algorithms to newer, more secure ones.

We'll investigate the modifications to Tomcat that allow developers and operations staff to use these features, and look at how to actually plug custom credentials-handling mechanisms into an existing Tomcat-based application.

Speakers

Christopher Schultz

Chief Technology Officer, Total Child Health, Inc.

Christopher Schultz is the CTO of Total Child Health, Inc. where he leads a small team of engineers to build server-side healthcare-related software in Java. Chris is an ASF Member active in the Apache Tomcat and Velocity communities as well as a committer on both projects, and Tomcat... Read More →

Seamless Upgrades for Credential Security in Apache Tomcat pdf

Friday May 13, 2016 11:20am - 12:10pm PDT
Plaza A

Tomcat/ATS, Intermediate

ApacheCon 2016

Christopher Schultz

Attendees (18)

ApacheCon 2016

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Christopher Schultz

Attendees (18)